This was reopened because of a regression. That regression was handled
in Bug #1529319, so I'm resetting this bug to its previous status.
** Changed in: ceph (Ubuntu)
Importance: Undecided => High
** Changed in: ceph (Ubuntu)
Status: Invalid => Fix Released
** Changed in: libvirt
Marking ceph task as invalid, packages in Ubuntu don't enable this
feature unlike upstream.
** Changed in: ceph (Ubuntu)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ceph in Ubuntu.
Marking ceph task as invalid, packages in Ubuntu don't enable this
feature unlike upstream.
** Changed in: ceph (Ubuntu)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Ken, that's great: denying lttng in the profile just to silence the logs
is certainly unfortunate for the people who want to use lttng to measure
and inspect their VMs as the reason why lttng doesn't work is impossible
to discover.
Thanks
--
You received this bug notification because you are a
Ken, that's great: denying lttng in the profile just to silence the logs
is certainly unfortunate for the people who want to use lttng to measure
and inspect their VMs as the reason why lttng doesn't work is impossible
to discover.
Thanks
--
You received this bug notification because you are a
adding /run/shm/lttng-ust-wait-5 rw, to /etc/apparmor.d/abstractions
/libvirt-qemu is the fix.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ceph in Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM permanently tries to
FYI ceph v0.94.6 will load LTTng-UST only when specifically configured.
This should avoid SELinux / AppArmor denials in most cases. See
http://tracker.ceph.com/issues/13274
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ceph in
FYI ceph v0.94.6 will load LTTng-UST only when specifically configured.
This should avoid SELinux / AppArmor denials in most cases. See
http://tracker.ceph.com/issues/13274
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
adding /run/shm/lttng-ust-wait-5 rw, to /etc/apparmor.d/abstractions
/libvirt-qemu is the fix.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM permanently tries to read
Note that adding that entry may allow virtual machines an unexpected and
unwelcome amount of influence over the host system. If you just want the
errors silenced, use 'deny /run/shm/lttng-ust-wait-5 rw,' instead. If
you actually want lttng to function, then feel free to continue using
the allow
Note that adding that entry may allow virtual machines an unexpected and
unwelcome amount of influence over the host system. If you just want the
errors silenced, use 'deny /run/shm/lttng-ust-wait-5 rw,' instead. If
you actually want lttng to function, then feel free to continue using
the allow
We're using libvirt 1.2.12-0ubuntu13~cloud0.
Patz: There is noting in syslog about a key. I don't believe this bug
has anything to do with a key.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ceph in Ubuntu.
Serge we (Matt Fischer and myself) are using UCA Kilo with Trusty.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ceph in Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM permanently tries to read /dev/shm/lttng-ust-wait-5
@serge this is a different path in Hammer that needs also to have a fix
similar to 1432644 so ANOTHER lttng issue.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ceph in Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM
And since that was self-referential, maybe we just need a brand new bug.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ceph in Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM permanently tries to read
So Mfischer said "reopening" I think the bug recurred in a slightly
different way. So maybe we need a new bug either way we'd like the
fix.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ceph in Ubuntu.
We're using libvirt 1.2.12-0ubuntu13~cloud0.
Patz: There is noting in syslog about a key. I don't believe this bug
has anything to do with a key.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
So Mfischer said "reopening" I think the bug recurred in a slightly
different way. So maybe we need a new bug either way we'd like the
fix.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Serge we (Matt Fischer and myself) are using UCA Kilo with Trusty.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM permanently tries to read /dev/shm/lttng-ust-wait-5
To manage
And since that was self-referential, maybe we just need a brand new bug.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM permanently tries to read /dev/shm/lttng-ust-wait-5
To
@serge this is a different path in Hammer that needs also to have a fix
similar to 1432644 so ANOTHER lttng issue.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM permanently tries
Hi All
We had the same issue, but in our end it was misconfiguration of the key.
Make sure that the key you see in trace log is indeed the key you have in
/etc/ceph/ceph.client.cinder.keying, if not try to fix in
/etc/libvirt/secrets/, and reload with virsh secret define.
If it configured OK,
Hi All
We had the same issue, but in our end it was misconfiguration of the key.
Make sure that the key you see in trace log is indeed the key you have in
/etc/ceph/ceph.client.cinder.keying, if not try to fix in
/etc/libvirt/secrets/, and reload with virsh secret define.
If it configured OK,
Issue still exists in 0.94.5-1trusty (hammer). Will this be ever fixed
in hammer?
** Changed in: libvirt (Ubuntu)
Status: Fix Released => Confirmed
** Changed in: ceph (Ubuntu)
Status: Fix Released => Confirmed
--
You received this bug notification because you are a member of
Issue still exists in 0.94.5-1trusty (hammer). Will this be ever fixed
in hammer?
** Changed in: libvirt (Ubuntu)
Status: Fix Released => Confirmed
** Changed in: ceph (Ubuntu)
Status: Fix Released => Confirmed
--
You received this bug notification because you are a member of
Reopening since this is not fixed in either ceph or libvirt to my
knowledge. Package versions referenced here still have the issue.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ceph in Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Reopening since this is not fixed in either ceph or libvirt to my
knowledge. Package versions referenced here still have the issue.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM
The bug was fixed in vivid (and later). Which libvirt version are you
using?
It sounds like we need to SRU this to trusty.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ceph in Ubuntu.
https://bugs.launchpad.net/bugs/1432644
The bug was fixed in vivid (and later). Which libvirt version are you
using?
It sounds like we need to SRU this to trusty.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM
It looks like this bug has regressed due to the path of lttng-ust-wait-5
path changing to the following:
/run/shm/lttng-ust-wait-5
Would someoone be kind enough to release a fix for this?
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed
It looks like this bug has regressed due to the path of lttng-ust-wait-5
path changing to the following:
/run/shm/lttng-ust-wait-5
Would someoone be kind enough to release a fix for this?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
I'm affected too by the "log flooding" issue, although I can start VMs.
[4220163.899438] type=1400 audit(1447230173.207:7763726):
apparmor="DENIED" operation="open" profile="libvirt-a9c8bb9b-f2cc-4e4f-
b7b1-c6152d8029c4" name="/run/shm/lttng-ust-wait-5" pid=69948 comm
="qemu-system-x86"
I'm affected too by the "log flooding" issue, although I can start VMs.
[4220163.899438] type=1400 audit(1447230173.207:7763726):
apparmor="DENIED" operation="open" profile="libvirt-a9c8bb9b-f2cc-4e4f-
b7b1-c6152d8029c4" name="/run/shm/lttng-ust-wait-5" pid=69948 comm
="qemu-system-x86"
@jdstrand
I'm running the latest ceph-docker/daemon image with the ceph package
version 0.94.2-1trusty and see the same issue:
libust[5136/5462]: Error: Error opening shm /lttng-ust-wait-5-0 (in
get_wait_shm() at lttng-ust-comm.c:886)
libust[5136/5461]: Error: Error opening shm
@jdstrand
I'm running the latest ceph-docker/daemon image with the ceph package
version 0.94.2-1trusty and see the same issue:
libust[5136/5462]: Error: Error opening shm /lttng-ust-wait-5-0 (in
get_wait_shm() at lttng-ust-comm.c:886)
libust[5136/5461]: Error: Error opening shm
None of the solutions provided work for me.
root@compute1:~# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty
DISTRIB_DESCRIPTION=Ubuntu 14.04.2 LTS
root@compute1:~# dpkg -l | grep libvirt
ii libvirt-bin 1.2.12-0ubuntu13~cloud0
None of the solutions provided work for me.
root@compute1:~# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty
DISTRIB_DESCRIPTION=Ubuntu 14.04.2 LTS
root@compute1:~# dpkg -l | grep libvirt
ii libvirt-bin 1.2.12-0ubuntu13~cloud0
George, if you want to allow the lttng accesses, edit
/etc/apparmor.d/libvirt/TEMPLATE and the other similar profiles in
/etc/apparmor.d/libvirt/ and add:
/run/shm/lttng-ust-wait-5 rw,
Then run apparmor_parser --replace $(ls -1
/etc/apparmor.d/libvirt/libvirt* | grep -v files)
This does allow
George, if you want to allow the lttng accesses, edit
/etc/apparmor.d/libvirt/TEMPLATE and the other similar profiles in
/etc/apparmor.d/libvirt/ and add:
/run/shm/lttng-ust-wait-5 rw,
Then run apparmor_parser --replace $(ls -1
/etc/apparmor.d/libvirt/libvirt* | grep -v files)
This does allow
I don't understand how this is going to help, as I don't have/use ceph.
Anyway, the problem still exists. Is there a way to completely disable
apparmor for libvirt temporarily, until a fix can be found, as I
*really* need it to work? Of course I could revert to 14.10, but I am
trying to help find
I don't understand how this is going to help, as I don't have/use ceph.
Anyway, the problem still exists. Is there a way to completely disable
apparmor for libvirt temporarily, until a fix can be found, as I
*really* need it to work? Of course I could revert to 14.10, but I am
trying to help find
FWIW, we are disabling the lttng support in the final hammer release to
avoid this issue (until we come up with a better solution).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM
FWIW, we are disabling the lttng support in the final hammer release to
avoid this issue (until we come up with a better solution).
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ceph in Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Sorry for not being clearer, I got rid of liblttng-ust0, but it still
fails:
Unable to complete install: 'internal error: process exited while connecting to
monitor: 2015-04-02T11:15:40.061933Z qemu-system-x86_64: -chardev
Sorry for not being clearer, I got rid of liblttng-ust0, but it still
fails:
Unable to complete install: 'internal error: process exited while connecting to
monitor: 2015-04-02T11:15:40.061933Z qemu-system-x86_64: -chardev
Quoting Petter Adsen (pet...@synth.no):
Sorry for not being clearer, I got rid of liblttng-ust0, but it still
fails:
Unable to complete install: 'internal error: process exited while connecting
to monitor: 2015-04-02T11:15:40.061933Z qemu-system-x86_64: -chardev
Quoting Petter Adsen (pet...@synth.no):
Sorry for not being clearer, I got rid of liblttng-ust0, but it still
fails:
Unable to complete install: 'internal error: process exited while connecting
to monitor: 2015-04-02T11:15:40.061933Z qemu-system-x86_64: -chardev
** Branch linked: lp:ubuntu/vivid-proposed/ceph
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM permanently tries to read /dev/shm/lttng-ust-wait-5
To manage notifications about
** Branch linked: lp:ubuntu/vivid-proposed/ceph
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ceph in Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM permanently tries to read /dev/shm/lttng-ust-wait-5
To manage
This bug was fixed in the package ceph - 0.93-0ubuntu6
---
ceph (0.93-0ubuntu6) vivid; urgency=medium
* d/control,rules,*.symbols: Disable lttng support until we can make
it play a bit nicer with libvirt and apparmor, drop associated
symbols (LP: #1432644).
-- James Page
This bug was fixed in the package ceph - 0.93-0ubuntu6
---
ceph (0.93-0ubuntu6) vivid; urgency=medium
* d/control,rules,*.symbols: Disable lttng support until we can make
it play a bit nicer with libvirt and apparmor, drop associated
symbols (LP: #1432644).
-- James Page
I missed the last message from the log, sorry:
audit: type=1400 audit(1427810727.733:51): apparmor=DENIED
operation=mknod profile=libvirt-5b2de2b1-0776-4d51-92cc-c4356daa075a
name=/var/lib/libvirt/qemu/channel/target/fedora20-cloud.org.qemu.guest_agent.0
pid=3147 comm=qemu-system-x86
Discussed with Serge and we're going to disable the lttng support in
ceph for vivid - needs to be a little less hard than it is right now.
raising a ceph task.
** Also affects: ceph (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a
I have applied the update on vivid, and creating a new VM still fails:
Unable to complete install: 'internal error: process exited while connecting to
monitor: libust[443/443]: Warning: HOME environment variable not set. Disabling
LTTng-UST per-user tracing. (in setup_local_apps() at
Discussed with Serge and we're going to disable the lttng support in
ceph for vivid - needs to be a little less hard than it is right now.
raising a ceph task.
** Also affects: ceph (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a
I looked into this with libvirt-lxc and can confirm that the domains to not
start, but the apparmor denial is a red herring. Ie, if I add this to
/etc/apparmor.d/abstractions/libvirt-lxc:
/dev/shm/lttng-ust-wait-* rw,
and this to /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper:
This is the XML (virsh -c lxc:/// dumpxml test):
domain type='lxc'
nametest/name
uuid9d578815-a1e9-4596-aef9-a70717574f0e/uuid
memory unit='KiB'1048576/memory
currentMemory unit='KiB'1048576/currentMemory
vcpu placement='static'2/vcpu
resource
partition/machine/partition
With libvirt 1.2.12-0ubuntu8 being installed, virsh still fails to start
an LXC operating system container, resulting in the following dmesg:
[ 126.832553] audit: type=1400 audit(1427571328.167:150): apparmor=DENIED
operation=open profile=/usr/lib/libvirt/virt-aa-helper
@haraldhetzner
please show the xml for the contianer which is failing to start.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM permanently tries to read /dev/shm/lttng-ust-wait-5
Increasing the priority of this since this blocks normal users of qemu-
system-x86 from even creating VMs.
The following illustrates the dependencies:
qemu-system-x86 - librados2 - liblttng-ust0
So either we should remove the dependencies here such that LTTng isn't
being installed by default,
Another option is making the failure to open /dev/shm/lttng-ust-wait-*
non-fatal. This is what Ubuntu Touch does on app launch.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM
I should have been more clear with this comment: Please remove the
dependency on liblttng-ust0 since it breaks guest isolation.
Please remove the dependency on liblttng-ust0, make the failure to open
/dev/shm/lttng-ust-wait-* non-fatal or put the lttng file in a guest-
specific directory.
Please remove the dependency on liblttng-ust0 since it breaks guest
isolation.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM permanently tries to read /dev/shm/lttng-ust-wait-5
This bug was fixed in the package libvirt - 1.2.12-0ubuntu8
---
libvirt (1.2.12-0ubuntu8) vivid; urgency=medium
* silence denial of attempted reads of lttng files (LP: #1432644)
-- Serge Hallyn serge.hal...@ubuntu.com Fri, 27 Mar 2015 21:36:27 -0500
** Changed in: libvirt
This bug was fixed in the package libvirt - 1.2.12-0ubuntu8
---
libvirt (1.2.12-0ubuntu8) vivid; urgency=medium
* silence denial of attempted reads of lttng files (LP: #1432644)
-- Serge Hallyn serge.hal...@ubuntu.com Fri, 27 Mar 2015 21:36:27 -0500
** Changed in: libvirt
** Changed in: libvirt (Ubuntu)
Importance: Undecided = Low
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM permanently tries to read /dev/shm/lttng-ust-wait-5
To manage
** Package changed: virt-manager (Ubuntu) = libvirt (Ubuntu)
** Tags added: apparmor
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM permanently tries to read
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: libvirt (Ubuntu)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM
** Package changed: virt-manager (Ubuntu) = libvirt (Ubuntu)
** Tags added: apparmor
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM permanently tries to read
We should not allow access to /dev/shm/lttng-ust-wait-5 to VMs unless
libvirt exposes the files in the domain definition and virt-aa-helper
can update the policy on a per VM basis. We could add a rule to the
libvirt-qemu abstraction, but it would be too generic 'owner /dev/shm
/lttng-ust-wait-*
So maybe it should be explicitly denied to avoid the log flooding ? But
the question remains: why should VMs access this file?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1432644
Title:
VM
71 matches
Mail list logo